Jul 21, 2014

Have you ever encountered a mail saying you've just won a $#insert huge sum here# lottery?

Or wondered why does the mail address looks suspicious? Such are just a glimpse into the evil machinations of a scammer that uses his online prowess and apparently your lack of, to scam you of your privacy and your money.

What is Phishing?

First comes the definition, Phishing is basically an attempt at finding personal and sensitive information about you. Such information if divulged can lead to compromised accounts and a lot of grief at the end.

Where Does Phishing Occur?

'Phishing Nets' (Coined by codemakit) is the place from which the scammer starts getting your attention. Most common Phishing nets (in Order of preference of scamsters) is

What do Phishers want?

The Phishers want your personal information, everything from your email address (Which they can spam later) to your name, address, credit card information etc. (Though, I've given a few tips to protect yourself from divulging your passwords) Once they have enough information about you they can move on towards monetary pleasures. Meaning? They'll use your information against you. For an example, one of the most common phishing nets are Emails and the most common Phishing Practices include being a bank representative. They will probably tell you, that they're from a reputed bank and have your file with them.

They’ll throw in a few informative pieces of information gathered from you before to let you believe they actually have an official file on you. Then they'll frighten you by stating that you're password is about to expire and if you do not send the required information, your account will be blocked. Once you send the information you can safely say goodbye to all your hard earned income.

The Types of Phishing Techniques

There are 4 different types of Phishing.

1. The good old Bland Phishing

They just send out millions of spams to every email address they could think of and wait if anyone gets caught in their Phishing net and replies.

2. Spear Phishing

As the name suggests, This technique is usually adopted by Phishers holding extraordinary grudges against some specific person. Which might be their second grade class teacher or a college professor who dropped him or a show-off neighbor who can't keep his dog quiet at night. The Phishers gain personal information about the particular person (Sometimes he/she already knows). Once they have the information, they'll use it in the way given above to scam you of your money.

3. Whaling

Again as the name suggests, Whaling includes phishing for a whale, i.e. a really big corporate honcho or just another person with a lot of green in their reserves. The victims can also be big shot executives who actually hold the rein to the security of their companies' databases. A successful whaling attempt can lead to divulging of company database passwords or the database itself, thus opening the door to countless other phishing attempts. No amount of extreme techniques to store your passwords will keep them safe unless you're willing to save the information from falling into the hands of cunning phishers.

4. Clone Phishing

This is a relatively new technique, where the Phishers create a mail that is really similar to the ones sent by authentic sources. For example, a bank website sending promotional emails are often copied and modified. Then, the modified email containing everything will be sent to the victim. All but one change, the links in the email will be changed so that the user is redirected to the scammers’ website where the user will give its Username and password to login. Only realizing minutes later that he/she was scammed.

Phishing Terms (codemakit)

Phishing: You already Know it.

Phishing Net: The place where Phishing Starts. (Email, Social Networks, Websites)

Phishers: Scammers who phish for your information

Phisheries: Shady places (might be in Nigeria) where scammers often sit in front of computers wearing an overcoat and dark glasses (Bazinga!). These are the places from where they send/create scam.